Trust Score
pro/v1/score/trustCalculates a composite trust score (0-100) from 7 weighted signals: domain age (20%), Tranco global popularity ranking (20%), WHOIS transparency (15%), certificate quality — EV/OV/DV type and validity period (15%), registrar reputation (15%), DNSSEC adoption (10%), and typosquat risk analysis (5%). Returns a risk level (low/medium/high/critical), individual trust factor scores, and specific red flags identified. Methodology draws on DomainTools risk scoring, Google Safe Browsing threat indicators, and Certificate Transparency (RFC 6962) data.
What It Does
Analyzes 7 trust dimensions in parallel. Domain age scoring (max 20 pts) awards full marks for domains registered 5+ years ago, scaling down to 0 pts for newly registered domains — over 40% of newly registered domains are associated with fraud. Tranco ranking scoring (max 20 pts) gives 20 pts for top 1K sites, 18 pts for top 10K, 15 pts for top 100K, and 10 pts for top 1M. WHOIS transparency scoring (max 15 pts) awards 15 pts for visible registrant details, 12 pts when privacy protection is used. Certificate quality scoring (max 15 pts) differentiates EV (12 pts), OV (10 pts), and DV (7 pts) certificates with bonus points for long validity periods. Registrar reputation scoring (max 15 pts) awards 15 pts for premium registrars, 12 pts for ICANN-accredited, and 5 pts for standard registrars. DNSSEC scoring (10 pts) validates chain presence. Typosquat risk scoring (max 5 pts) detects if the domain itself appears to be a typosquat of a known brand, deducting points for similar-domain patterns.
Why It's Useful
Trust scoring is critical for phishing detection, fraud prevention, and brand protection. Over 70% of newly registered domains are malicious or suspicious according to Palo Alto Unit 42 research. A composite trust score enables automated triage of suspicious domains, real-time fraud scoring for payment transactions, and proactive brand impersonation detection. The multi-signal approach avoids false positives — a single weak signal (like privacy-protected WHOIS) does not unfairly penalize legitimate domains when other trust factors are strong.
Use Cases
Phishing Triage & Investigation
Score domains reported in phishing emails or extracted from threat feeds to prioritize investigation. Low-trust domains (score <30) with recent registration dates, no DNSSEC, and DV certificates are strong phishing indicators.
Reduce phishing investigation time by 60-80% with automated trust-based triage that surfaces the highest-risk domains first.
Real-Time Fraud Prevention
Evaluate the trustworthiness of domains used in e-commerce transactions, referral URLs, or checkout redirects. Block or flag transactions involving domains with critical or high risk levels before payment processing.
Prevent payment fraud by blocking transactions routed through low-trust domains — catching infrastructure that traditional blocklists miss during the 24-48 hour gap.
Brand Impersonation Detection
Monitor for low-trust domains that incorporate your brand name, trademarks, or product names. Combine trust scoring with typosquat detection to identify domains registered specifically for brand abuse campaigns.
Identify brand impersonation domains before they launch phishing campaigns — the first 32 days after registration is the optimal detection window.
Vendor & Partner Due Diligence
Score partner and vendor domains as part of onboarding due diligence. Flag vendors with trust scores below your organization threshold (e.g., <60) for manual review. Check domain age, registrar quality, and certificate type as baseline trust indicators.
Data-driven vendor trust assessment that catches domains with suspicious registration patterns or poor infrastructure hygiene.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | The domain to evaluate trustworthiness for. Analyzed via WHOIS, DNS, CT logs, and Tranco ranking.Example: example.com |
Response Fields
| Field | Type | Description |
|---|---|---|
domain | string | The evaluated domain |
score | number | Composite trust score 0-100 (weighted sum of 7 factors) |
grade | string | Letter grade: A+ (95-100), A (85-94), B (70-84), C (50-69), D (30-49), F (0-29) |
gradeDescription | string | Human-readable description of the grade meaning |
breakdown | object | Individual trust factor scores with score, max, and details |
breakdown.age | object | Domain registration age analysis (max 20 pts) |
breakdown.ranking | object | Tranco global popularity ranking (max 20 pts) |
breakdown.whoisPrivacy | object | WHOIS registrant transparency (max 15 pts) |
breakdown.certificate | object | Certificate type EV/OV/DV and validity (max 15 pts) |
breakdown.registrar | object | Registrar accreditation level (max 15 pts) |
breakdown.dnssec | object | DNSSEC chain validation (max 10 pts) |
breakdown.typosquat | object | Typosquat pattern detection (max 5 pts) |
recommendations | array | Actionable recommendations for improving trust score (e.g., enable DNSSEC, upgrade to EV certificate) |
componentCount | number | Number of trust factors evaluated (max 7, fewer if data unavailable) |
partialFailure | boolean | Whether any data sources failed during evaluation — score may be less reliable when true |
failedComponents | array | List of components that failed: whois, certificate, dnssec. Empty when all sources succeed |
Code Examples
curl "https://api.edgedns.dev/v1/score/trust" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d "domain=example.com"const response = await fetch(
'https://api.edgedns.dev/v1/score/trust?domain=example.com',
{
headers: {
'Authorization': 'Bearer YOUR_API_KEY'
}
}
);
const data = await response.json();
console.log(data);import requests
response = requests.get(
'https://api.edgedns.dev/v1/score/trust',
headers={'Authorization': 'Bearer YOUR_API_KEY'},
params={
'domain': 'example.com'
}
)
data = response.json()
print(data)Read the full Trust Score guide
Why it matters, real-world use cases, parameters, response fields, and how to call it from Claude, ChatGPT, or Gemini via MCP.
Read the guide →Related Endpoints
WHOIS Lookup
Get domain registration data via RDAP, the modern WHOIS replacement
SSL Certificates
Analyze active SSL/TLS certificate details
Security Score
Composite security score from 8 weighted factors
Email Score
Rate email security (SPF, DKIM, DMARC)
Typosquatting Detection
Detect typosquat domains that could impersonate your brand
External References
Learn more about the standards and protocols behind this endpoint.